Passwords must be in SecureString format.
The first command uses ConvertTo-SecureString to convert the specified password, and then stores it in the $KeyEncryptionPassword variable.
Using ConvertTo-SecureString is useful in automation scenarios.

The second command uses Read-Host to read console input for the key encryption password, and then stores it in the $KeyEncryptionPassword variable.
Using Read-Host is a more secure method for UI scenarios.

The third command uses Read-Host to get the password for the user account that has permission to perform the operation.

The fourth command enables shared configuration using the exported configuration and keys at C:\export.

Example 2: Enable shared configuration without importing the keys

This command enables shared configuration, but does not import the keys into the local key store.

PARAMETERS

-DontCopyRemoteKeys

Indicates that IIS uses the currently active keys, and will try to use the configuration specified by the PhysicalPath parameter.
If this exported configuration has secrets encrypted with a different key, IIS will now be unable to decrypt these secrets.